Mobile Phone Cloning PDF and DOC

Published on July 25, 2016

Abstract

Cell phone cloning is copying the identity of one mobile telephone to another mobile telephone. Usually this is done for the purpose of making fraudulent telephone calls. The bills for the calls go to the legitimate subscriber. The cloner is also able to make effectively anonymous calls, which attracts another group of interested users. Cloning is the process of taking the programmed information that is stored in a legitimate mobile phone and illegally programming the identical information into another mobile phone.

The result is that the "cloned" phone can make and receive calls and the charges for those calls are billed to the legitimate subscriber. The service provider network does not have a way to differentiate between the legitimate phone and the "cloned" phone

HOW IS CELL CLONING DONE?

Cloning involved modifying or replacing the EPROM in the phone with a new chip which would allow you to configure an ESN (Electronic serial number) via software. You would also have to change the MIN (Mobile Identification Number). When you had successfully changed the ESN/MIN pair, your phone was an effective clone of the other phone. Cloning required access to ESN and MIN pairs. ESN/MIN pairs were discovered in several ways:

Sniffing the cellular

Trashing cellular companies or cellular resellers

Hacking cellular companies or cellular resellers

Cloning still works under the AMPS/NAMPS system, but has fallen in popularity as older clone able phones are more difficult to find and newer phones have not been successfully reverse-engineered.

Cloning has been successfully demonstrated under GSM, but the process is not easy and it currently remains in the realm of serious hobbyists and researchers.

With technically sophisticated thieves, customers are relatively helpless against cellular phone fraud. Usually they became aware of the fraud only once receiving their phone bill.

Service providers have adopted certain measures to prevent cellular fraud. These include encryption, blocking, blacklisting, user verification and traffic analysis: Encryption is regarded as the most effective way to prevent cellular fraud as it prevents eavesdropping on cellular calls and makes it nearly impossible for thieves to steal Electronic Serial Number (ESN) and Personal Identification Number (PIN) pairs.

Blocking is used by service providers to protect themselves from high risk callers. For example, international calls can be made only with prior approval. In some countries only users with major credit cards and good credit ratings are allowed to make long distance calls. • Blacklisting of stolen phones is another mechanism to prevent unauthorized use. An Equipment Identity Register (EIR) enables network operators to disable stolen cellular phones on networks around the world. • User verification using Personal Identification Number (PIN) codes is one method for customer protection against cellular phone fraud. •

Tests conducted have proved that United States found that having a PIN code reduced fraud by more than 80%. • Traffic analysis detects cellular fraud by using artificial intelligence software to detect suspicious calling patterns, such as a sudden increase in the length of calls or a sudden increase in the number of international calls.

• The software also determines whether it is physically possible for the subscriber to be making a call from a current location, based on the location and time of the previous call. Currently, South Africa's two service providers, MTN and Vodacom, use traffic analysis with the International Mobile Equipment Identity (IMEI) - a 15 digit number which acts as a unique identifier and is usually printed on the back of the phone underneath the battery - to trace stolen phones.

HOW BIG OF A PROBLEM IS CLONING FRAUD?

The Cellular Telecommunications Industry Association (CTIA) estimates that financial losses in due to cloning fraud are between $600 million and $900 million in the United States. Some subscribers of Reliance had to suffer because their phone was cloned. Mobile Cloning Is in initial stages in India so preventive steps should be taken by the network provider and the Government.

ARE OUR CELL PHONES SECURED?

Too many users treat their mobile phones as gadgets rather than as business assets covered by corporate security policy. Did you realize there's a lucrative black market in stolen and "cloned" Sim cards? This is possible because Sims are not network specific and, though tamper-proof, their security is flawed. In fact, a Sim can be cloned many times and the resulting cards used in numerous phones, each feeding illegally off the same bill.

But there are locking mechanisms on the cellular phones that require a PIN to access the phone. This would dissuade some attackers, foil others, but might not work against a well financed and equipped attacker. An 8-digit PIN requires approximately 50,000,000 guesses, but there may be ways for sophisticated attackers to bypass it.
With the shift to GSM digital - which now covers almost the entire UK mobile sector - the phone companies assure us that the bad old days are over. Mobile phones, they say, are secure and privacy friendly.

This is not entirely true. While the amateur scanner menace has been largely exterminated, there is now more potential than ever before for privacy invasion.

The alleged security of GSM relies on the myth that encryption - the mathematical scrambling of our conversations - makes it impossible for anyone to intercept and understand our words. And while this claim looks good on paper, it does not stand up to scrutiny.

The reality is that the encryption has deliberately been made insecure. Many encrypted calls can therefore be intercepted and decrypted with a laptop computer.

WHAT ARE EMIE AND PIN?

ESN mean Electronic Serial Number. This number is loaded when the phone number is manufactured. this number cannot be tampered or changes by the user or subscriber. if this number is known a mobile can be cloned easily.

Personal Identification Number (PIN).every subscriber provides a Personal Identification Number (PIN) to its user. This is a unique number. If PIN and ESN are know a mobile phone can be cloned in seconds using some software’s like Patagonia. Which is used to clone CDMA phones.

WHAT IS PATAGONIA?

Patagonia is software available in the market which is used to clone CDMA phone. Using this software a cloner can take over the control of a CDMA phone i.e. cloning of phone. There are other Software’s available in the market to clone GSM phone. This software’s are easily available in the market. A SIM can be cloned again and again and they can be used at different places. Messages and calls sent by cloned phones can be tracked. However, if the accused manages to also clone the IMEI number of the handset, for which software’s are available, there is no way he can be traced.

CAN DIGITAL PHONES BE CLONED?

Yes. Digital phones can be cloned however; the mobile phones employing digital TDMA and CDMA technology are equipped with a feature known as "Authentication." Some newer model analog phones also have this feature. Authentication allows the mobile service provider network to determine the legitimacy of a mobile phone. Phones determined to be "clones" can be instantly denied access to service before any calls are made or received.

CAN CALLS ON CLONED PHONE BE TRACKED?

Yes. A SIM can be cloned again and again and they can be used at different places. Messages and calls can track sent by cloned phones. However, if the accused manages to also clone the IMEI number of the handset, for which software’s are available, there is no way the cell can be traced.

HOW TO PREVENT CELL CLONING?

Uniquely identifies a mobile unit within a wireless carrier's network. The MIN often can be dialed from other wireless or wire line networks. The number differs from the electronic serial number (ESN), which is the unit number assigned by a phone manufacturer. MINs and ESNs can be checked electronically to help prevent fraud.

.Mobiles should never be trusted for communicating/storing confidential information.

Always set a Pin that's required before the phone can be used.

Check that all mobile devices are covered by a corporate security policy.

Ensure one person is responsible for keeping tabs on who has what equipment and that they update the central register. How do service providers handle reports of cloned phones?

Legitimate subscribers who have their phones cloned will receive bills with charges for calls they didn't make. Sometimes these charges amount to several thousands of dollars in addition to the legitimate charges.

Typically, the service provider will assume the cost of those additional fraudulent calls. However, to keep the cloned phone from continuing to receive service, the service provider will terminate the legitimate phone subscription. The subscriber is then required to activate a new subscription with a different phone number requiring reprogramming of the phone, along with the additional headaches that go along with phone number changes.

WHAT EXACTLY IS AUTHENTICATION?

Authentication is a mathematical process by which identical calculations are performed in both the network and the mobile phone. These calculations use secret information (known as a "key") preprogrammed into both the mobile phone and the network before service is activated. Cloners typically have no access to this secret information (i.e., the key), and therefore cannot obtain the same results to the calculations.

A legitimate mobile phone will produce the same calculated result as the network. The mobile phone's result is sent to the network and compared with the network's results. If they match, the phone is not a "clone."

CONCLUSION

Presently the cellular phone industry relies on common law (fraud and theft) and in-house counter measures to address cellular phone fraud. Mobile Cloning is in initial stages in India so preventive steps should be taken by the network provider and the Government the enactment of legislation to prosecute crimes related to cellular phones is not viewed as a priority, however. It is essential that intended mobile crime legislation be comprehensive enough to incorporate cellular phone fraud, in particular "cloning fraud" as a specific crime.